ProductsDesktop Server For Scientific Computing For IBM POWER For IBM System z For SAP Business Applications Red Hat Network Satellite ManagementExtended Update Support High Availability High Performance Network Load Balancer Resilient Storage Scalable File System Smart Management Extended Lifecycle SupportDeveloper Studio Portfolio Edition Web Framework Kit Application Platform Web Server Data Grid Portal Platform Red Hat JBoss A-MQ Red Hat JBoss Fuse SOA Platform Business Rules Management System (BRMS) Data Services Platform Messaging JBoss Operations Network JBoss Community or JBoss enterprise
SolutionsApplication development Business process management Enterprise application integration Interoperability Operational efficiency Security VirtualizationSolaris to Red Hat Enterprise Linux Migration overview Migrate from your UNIX platform How to migrate to Red Hat Enterprise Linux Upgrade to the latest Red Hat Enterprise Linux release JBoss Enterprise Middleware Benefits of migrating to Red Hat Enterprise Linux Migration services Start a conversation with Red Hat
TrainingPopular and new courses Red Hat JBoss Administration curriculum Core System Administration curriculum JBoss Middleware Development curriculum Advanced System Administration curriculum Linux Development curriculum Cloud Computing, Virtualization, and Storage curriculum
ConsultingBusiness Process Management Cloud and Virtualization Custom Software Development Enterprise Data and Storage Systems Management Migrations
Red Hat Corrects Security Flaw Within Hours
Research Triangle ParkUnited States, April 27, 2000
Open Source Software Enables Discovery of Flaw and Creation of Fix and Release to Customers Within Hours
Red Hat, Inc. (NASDAQ:RHAT), the leader in open source solutions for Internet infrastructure, created a fix for a security flaw in Piranha, the high-availability clustering component of its Red Hat Linux 6.2 open source operating system, last week and issued it to customers within hours of notification by Internet Security Systems. The flaw, identified on the afternoon of Wednesday, April 19, was corrected by Red Hat that evening. An initial patch correcting the software was released to customers on Thursday morning, April 20. The flaw appeared only in version 6.2 of the Red Hat Linux operating system.
The availability of source code enabled the flaw to be discovered and fixed quickly. Corrections for security bugs in proprietary software often may not be available for two weeks or longer.
"We are pleased that the open source development approach enabled us to fix this flaw so quickly," said Michael Tiemann, CTO, Red Hat. "Software is very complex and sometimes errors happen in development. Some have incorrectly called this flaw a 'back door,' which clearly it is not. Software flaws happen, but with open source there's a vast community of experts who make it their mission to seek out and solve problems quickly. This is a perfect example of that process in action - within hours of our learning of the problem, we delivered a fix to our customers."
Red Hat encourages its customers to learn more about the rapid correction of any problem in the Updates and Errata section of our website. An update specific to the piranha package can be found at http://www.redhat.com/support/errata/RHSA-2000014-16.html.
LINUX is a trademark of Linus Torvalds. RED HAT is a registered trademark of Red Hat, Inc. All other names and trademarks are the property of their respective owners.